package com.joe.security.distributed.order.controller;

import com.joe.security.distributed.order.model.UserDto;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Description
 * @Author 高建伟-joe
 * @Date 2023-11-09
 */
@RestController
public class OrderController {

    @RequestMapping(value = "/r/r1", produces = {"text/plain;charset=utf-8"})
    @PreAuthorize("hasAnyAuthority('p1')")
    public String r1(){
        UserDto userDto = (UserDto) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        return userDto.getFullname() + "访问资源1";
    }
}
